Addigy, a provider of cloud-based macOS/iOS management software, has highlighted five key GDPR processes and guidance for achieving Apple device compliance with the General Data Protection Regulation (GDPR) going into effect on May 25.
The General Data Protection Regulation (GDPR) goes into effect this week, impacting business operations worldwide that do business with European Union patrons. It’s a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1]
With the regulation coming into place, these businesses are now subject to fines for non-compliance of up to €20 million or 4% of the violating company’s annual revenue, whichever is greater.
MacOS/iOS deployments within the enterprise are on the rise with reports showing there has been a 128% increase in the use of Macs within companies employing more than 500 employees. Mac and iOS devices have become essential to the modern workforce as they’ve shown their strength in the areas of security, productivity, and reduced support requirements.
Like all computing platforms involving the storage of EU-based sensitive information, including Personally Identifiable Information (PII), Payment Card Industry (PCI) Information, and other data types, these systems fall under the GDPR mandate. In recognition f the special requirements this places on MacOS/iOS system administrators, Addigy is working with customers to help with the actions that must be taken or be put in place to ensure compliance. Leading the charge to safeguard customers, the company is citing five key GDPR requirements and the processes that must be in place for compliance.
The five top GDPR processes and capabilities administrators must be aware of for enterprise MacOS/iOS environments include:
- A process for Right to Erasure “Right to be Forgotten”;
- A process for the data subject to access their information and data portability;
- A process for data breach notification;
- A process to train company staff on GDPR requirements;
- The possible requirement for a data protection officer.
- To comply with the above processes, capabilities, and requirements, Addigy provides the following guidance for achieving compliance on all macOS/iOS devices under management. These include:
- Profile configurations: login banners; website blocking; Time Machine configuration;
- FileVault encryption;
- FileVault Manager activation of disk encryption as required;
- The integration of IT security tools such as Malwarebytes, WebRoot, and others help to prevent the risk of active data becoming compromised;
- Enterprise-wide monitoring allows for the tracking of key security and compliance features for GDPR;24/7 system updating to patch vulnerabilities or exploits such as Zero Day.
What’s more, having the company’s Device Enrollment Program, Mobile Device Management, and Volume Purchase Program in tandem will allow the administrator to remotely deploy, manage, and push out applications to all devices from a single pane of glass for enhanced control over devices to ensure the protection of sensitive information.
Addigy’s full-stack cloud-based Apple Device Management platform allows for centralized management (including Mobile Device Management) of distributed macOS/iOS computing environments.
Like this article? Consider supporting Apple World Today with a $5 monthly Team AWT membership.
